General
- Target: d09a5d798a5137461ad80f28bce48b4c3ba66d26b5ed58444f8aa016b92f671d
- Size: 1.1MB
- Sample: 240424-cjvcxseb3t
- MD5: 7664adbf3e310c1864611e6750783efe
- SHA1: ae55de538641cefa3fa46581e606003a4c0d67ea
- SHA256: d09a5d798a5137461ad80f28bce48b4c3ba66d26b5ed58444f8aa016b92f671d
- SHA512: 16a1bcc81fb1ab36f21d7af1b0ac1a3772616f92f9aa087d7e0538ed26c9239eef2e0b6979f7c12793a80fec72b3a4dd659e80372d57b842909e216435845579
- SSDEEP: 24576:3qDEvCTbMWu7rQYlBQcBiT6rprG8aRm1gf76vuNQN:3TvC/MTQYxsWR7aR9fOGy
Tasks
- Static task: static1
- Behavioral task: behavioral1
- Sample: d09a5d798a5137461ad80f28bce48b4c3ba66d26b5ed58444f8aa016b92f671d.exe
- Resource: win7-20240220-en
Malware Config
Extracted
- Protocol: smtp
- Host: mail.aquareklam.com
- Port: 587
- Username: [email protected]
- Password: Aqua1923
Targets
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- Detect ZGRat V1
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext